#!/bin/sh

# create self-signed server certificate:

read -p "Enter your domain [www.example.com]:" DOMAIN
read -p "Enter your serverName [nginx]:" SERVERNAME

echo "Create server key..."

openssl genrsa -des3 -out $SERVERNAME.key 1024

echo "Create server certificate signing request..."

SUBJECT="/C=CN/ST=TJ/L=TJ/O=AUTUMNER/OU=ECW/CN=$DOMAIN"

openssl req -new -subj $SUBJECT -key $SERVERNAME.key -out $SERVERNAME.csr

echo "Remove password..."

mv $SERVERNAME.key $SERVERNAME.origin.key
openssl rsa -in $SERVERNAME.origin.key -out $SERVERNAME.key

echo "Sign SSL certificate..."

openssl x509 -req -days 3650 -in $SERVERNAME.csr -signkey $SERVERNAME.key -out $SERVERNAME.crt

openssl x509 -in $SERVERNAME.crt -out $SERVERNAME.cer -outform der

openssl x509 -inform der -in $SERVERNAME.cer -out $SERVERNAME.pem
